Welcome!

@CloudExpo Authors: Elizabeth White, Pat Romanski, Yeshim Deniz, William Schmarzo, Stefana Muller

News Feed Item

RSA Targets Advanced Threats and 'Account Takeover' Attacks with New RSA® Adaptive Authentication Solution

RSA Enhances On Premise Risk-based Authentication Solution to Combat Fraud with New Trojan Detection and Mobile Defense Capabilities

BEDFORD, Mass., Nov. 20, 2012 /PRNewswire/ -- 

News Summary:

  • RSA® Adaptive Authentication On Premise solution uses a Big Data approach to help combat threats posed by more than 30 million variants of malware targeting end users for account takeover attacks
  • According to recent research by Aite Group, in 2011, account takeover attacks costs corporations over $400 million, a number that is expected to grow by 94% in 2016 
  • The latest version of the RSA Adaptive Authentication On Premise solution is designed to enhance mobile defense and Trojan Detection capabilities and adds innovative ATM channel protection

Full Story:

RSA, The Security Division of EMC (NYSE: EMC), today announced major enhancements to its RSA® Adaptive Authentication On Premise solution designed to help organizations in wide range of industries achieve the right balance of security against advanced threats, like those posed by Zeus, Citadel and the recently discovered Gozi Prinimalka Trojan, without compromising end user experience.

According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016.   Powered by the RSA® Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity.  With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.

Enhanced Trojan Defenses

Organizations are constantly battling new forms of advanced threats.  By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts.  With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction.  RSA Adaptive Authentication includes new features designed to:

  • HTML Injection Protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
  • Man vs. Machine Protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts.  RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input.  Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly. 
  • Proxy Attack Detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification.  RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.

New Mobile Protections

RSA has updated the RSA Adaptive Authentication On Premise solution's innovative and dedicated risk model to include location awareness and enhanced mobile device identification.  Location awareness gathers location data through WiFi, cell tower triangulation and GPS to identify anomalous locations that are new to the user, fraudulent transaction attempts by impossible ground speed differences, and when an access attempt comes from a known high risk location. Additionally, mobile device characteristics are gathered through the RSA Adaptive Authentication platform for a mobile device or directly through a Software Development Kit (SDK).

Automated Teller Machine (ATM) Protection

In addition, the RSA Adaptive Authentication solution now protects against account takeover fraud in the ATM channel by assessing ATM-specific activity including date and time of access, transaction amount, frequency of withdrawal, ATM owner and ID and location of ATM in order to assess risk.  With the rise of ATM-based account takeover and mule withdrawal attacks, the RSA Adaptive Authentication solution has been enhanced to detect and monitor against these threats without requiring additional software to be installed on ATM machines.

RSA Executive Quote:

Manoj Nair, General Manager, RSA Identity & Data Protection group

"Account takeover is currently the single most important issue for many of our customers.  As sophisticated malware continues to proliferate and cybercriminals evolve their methods, it's our responsibility to quickly adapt to help customers mitigate the threat.  The enhancements made to the RSA Adaptive Authentication On Premise solution is part of a cohesive strategy designed to address the changing needs of our customers and mitigate ongoing risks associated with the latest malware hitting online, mobile and ATM channels."

Industry Analyst Quote:

Julie Conroy, Research Director, Aite Group

"The trajectory of cybercrime is increasing at a frightening pace, driven by international organized crime rings intent on financial gain.  Organizations that need to protect web resources are looking to security solutions that keep them one step ahead of cybercriminals while also balancing convenience for the end-user."

Availability

RSA Adaptive Authentication On Premise 7.0 is available now. 

Featured Resources:

Additional Resources:

About RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.

 

RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.  All other products and/or services referenced are trademarks of their respective companies. 

 

SOURCE EMC Corporation

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

CloudEXPO Stories
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is being used on IBM Cloud, Amazon, and Microsoft Azure and how to gain access to these resources in the cloud... for FREE!
Digital transformation has increased the pace of business creating a productivity divide between the technology haves and have nots. Managing financial information on spreadsheets and piecing together insight from numerous disconnected systems is no longer an option. Rapid market changes and aggressive competition are motivating business leaders to reevaluate legacy technology investments in search of modern technologies to achieve greater agility, reduced costs and organizational efficiencies. In this session, learn how today's business leaders are managing finance in the cloud and the essential steps required to get on the right path to creating an agile, efficient and future-ready business.
CI/CD is conceptually straightforward, yet often technically intricate to implement since it requires time and opportunities to develop intimate understanding on not only DevOps processes and operations, but likely product integrations with multiple platforms. This session intends to bridge the gap by offering an intense learning experience while witnessing the processes and operations to build from zero to a simple, yet functional CI/CD pipeline integrated with Jenkins, Github, Docker and Azure.
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, shared success stories from a few folks who have already started using VM-aware storage. By managing storage operations at the VM-level, they’ve been able to solve their most vexing storage problems, and create infrastructures that scale to meet the needs of their applications. Best of all, they’ve got predictable, manageable storage performance – at a level conventional storage can’t match. ...
"We do one of the best file systems in the world. We learned how to deal with Big Data many years ago and we implemented this knowledge into our software," explained Jakub Ratajczak, Business Development Manager at MooseFS, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.